package com.example.demo.controller;
import com.example.demo.entity.Users;
import com.example.demo.service.ClassesService;
import com.example.demo.service.UsersService;
import com.example.demo.service.XuanKeService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.core.ValueOperations;
import org.springframework.http.ResponseEntity;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import java.time.Duration;
import java.util.HashMap;
import java.util.Map;
import java.util.Random;
import java.util.concurrent.TimeUnit;

@Controller
@RequestMapping("/user")
public class UsersController {
    @Autowired
    private UsersService usersService;

    @Autowired
    private ClassesService classesService;

    @Autowired
    private XuanKeService xuanKeService;

    @Autowired
    private RedisTemplate redisTemplate;


    @RequestMapping(value = "/login1", method = RequestMethod.POST)
    @ResponseBody
    public Map<String, Object> login(@RequestBody Users users, HttpServletRequest request) {
        Map<String, Object> retData = new HashMap<>();
        HttpSession session = request.getSession();

        // 检查是否已经连续登录失败3次
        int consecutiveFailedAttempts = 0;
        String username = users.getUsername();
        String loginAttemptKey = "loginAttempts:" + username;
        ValueOperations<String, Integer> valueOps = redisTemplate.opsForValue();
        if (redisTemplate.hasKey(loginAttemptKey)) {
            consecutiveFailedAttempts = valueOps.get(loginAttemptKey);
        }

        // 检查账户是否被锁定
        if (consecutiveFailedAttempts >= 3) {
            retData.put("code", 403);
            retData.put("message", "登录失败次数过多，账户已锁定，请5分钟后再试");
            return retData;
        }

        // 进行登录验证
        boolean isSuccess = usersService.login(users.getUsername(), users.getPassword());
        if (isSuccess) {
            session.setAttribute("userName", users.getUsername());
            session.setAttribute("passWord", users.getPassword());
            retData.put("code", 200);
            retData.put("message", "登录成功");
            // 登录成功后重置连续登录失败次数
            valueOps.set(loginAttemptKey, 0);
            redisTemplate.expire(loginAttemptKey, 0, TimeUnit.SECONDS);
        } else {
            // 登录失败，增加连续登录失败次数
            consecutiveFailedAttempts++;
            valueOps.set(loginAttemptKey, consecutiveFailedAttempts);
            // 提示登录失败原因
            retData.put("code", 401); // 使用401状态码表示未授权
            retData.put("message", "登录失败，用户名或密码错误");
            // 如果达到3次连续登录失败，则锁定账户5分钟
            if (consecutiveFailedAttempts >= 3) {
                retData.put("code", 403);
                retData.put("message", "登录失败次数过多，账户已锁定，请5分钟后再试");
                // 设置账户锁定截止时间为当前时间加5分钟
                redisTemplate.expire(loginAttemptKey, 5, TimeUnit.MINUTES);
            }
        }
        return retData;


    }

}





